Look-alike Avast Online Security extension deceives users

Threat Intelligence Team, 29 October 2014

Look-alike Avast Online Security extension deceives users.

We have been recently notified about a suspicious browser extension for Google Chrome. Suspicious because it was called "Avast Free Antivirus 2014", while our browser extension is actually called Avast Online Security. You can see the fake extension along with our official ones in the printscreens from the Chrome Web Store.

chrome_web_store_hl

The extension looks professional featuring printscreens of the PC version of Avast 2014 and a good rating of 4 stars. It is so well-done that it may trick users to install it – and indeed almost 2,000 users fell for this.

fake_extension

After installing, the only thing that is added is the little icon between the search bar and options button, as can be seen on the printscreen above, where the extension is already installed.

Viewing the extension code reveals that it is surprisingly lightweight. It merely opens a new tab with a predefined URL when the Avast icon is clicked.

code

The website, fortunately, is not malicious at all, so there is nothing harmful to the user, other than deceiving them with a false sense of security. The author of the extension created many more extensions, each leading to a different landing page on the same domain. The only comfort we received from this malicious extension, was that our extension was the most downloaded one! That confirms to us that our service is valued (and needed!).

developers_apps

To get the authentic Avast Online Security app for your browser, please visit us on the Chrome Web Store.

Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on Facebook, Twitter and Google+.

Related articles